package com.pac.login.controller;

import java.util.Date;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import com.common.tools.MD5Tools;
import com.common.tools.TimeTools;
import com.common.util.ErrorNumber;
import com.common.util.LogicException;
import com.common.util.SessionKeyContent;
import com.pac.user.UserKeyContent;
import com.pac.user.bean.UserBean;
import com.pac.user.service.UserService;

/**
 * 登陆控制类
 * 
 * @author lujun.chen
 * @version [版本号, 2015年2月12日]
 * @see [相关类/方法]
 * @since [产品/模块版本]
 */
@Controller
@Scope("prototype")
@RequestMapping("/login")
public class LoginController {
	
	@Autowired
	private UserService userService;

	/**
	 * 跳转到登录页面 /page/login/login.html
	 * 
	 * @return
	 * @see [类、类#方法、类#成员]
	 */
	@RequestMapping("/tologin")
	public ModelAndView toLogin(HttpServletRequest request) {

		ModelAndView mov = new ModelAndView();
		mov.setViewName("/login/login");

		return mov;
	}

	/**
	 * 跳转到主页面 /page/mainframe.html
	 * 
	 * @param username
	 *            用户名
	 * @param password
	 *            密码
	 * @param signcode
	 *            验证码
	 * @return
	 * @throws LogicException
	 * @see [类、类#方法、类#成员]
	 */
	@RequestMapping("/mainframe")
	public ModelAndView mainframe(HttpServletRequest request, String username,
			String password, String signcode) throws LogicException {
		ModelAndView mov = new ModelAndView();

		// 从session中获取秘钥种子，解密加密后的密码
		HttpSession session = request.getSession();

		UserBean userBeans = (UserBean) session
				.getAttribute(SessionKeyContent.SESSION_KEY_OBJ_USER_BEAN);

		// 处于登录状态，无需验证登录
		if (null == userBeans) {
			
			// 密码MD5加密
			String passwordMD5 = MD5Tools.MD5(password);
			passwordMD5 = passwordMD5.toLowerCase();

			UserBean userBean = new UserBean();
			userBean.setUserName(username);
			userBean.setPassword(passwordMD5);
			UserBean userBeanR = userService.findUser(userBean);
			if (null == userBeanR) {
				mov.setViewName("/common/error");
				mov.addObject(ErrorNumber.ERROR_MESSAGE, "用户名或密码错误！");
				return mov;
			}

			if (UserKeyContent.USER_STATUS_INACTIVE
					.equals(userBeanR.getState())) {
				mov.setViewName("/common/error");
				mov.addObject(ErrorNumber.ERROR_MESSAGE, "该账号已被冻结，请联系管理员！");
				return mov;
			}

			if (UserKeyContent.USER_STATUS_ACTIVE_WILL.equals(userBeanR
					.getState())) {
				mov.setViewName("/common/error");
				mov.addObject(ErrorNumber.ERROR_MESSAGE, "该账号还未激活，请先激活账号！");
				return mov;
			}

			// 账号是否在允许登录的时间段内
			Date startDate = TimeTools.toDate(userBeanR.getCreateDate(),
					TimeTools.DATE_FORMAT_DEFAULT);
			Date endDate = TimeTools.toDate(userBeanR.getEndDate(),
					TimeTools.DATE_FORMAT_DEFAULT);
			Date dateNow = new Date();
			if (dateNow.before(startDate)) {
				mov.setViewName("/common/error");
				mov.addObject(ErrorNumber.ERROR_MESSAGE, "该账号还未到启用时间，不能登录！");
				return mov;
			}

			if (dateNow.after(endDate)) {
				mov.setViewName("/common/error");
				mov.addObject(ErrorNumber.ERROR_MESSAGE, "该账号已过期，不能登录！");
				return mov;
			}

			// 把用户信息放到session中
			session.setAttribute(SessionKeyContent.SESSION_KEY_OBJ_USER_BEAN,
					userBeanR);
		}

		UserBean userBeansU = (UserBean) session
				.getAttribute(SessionKeyContent.SESSION_KEY_OBJ_USER_BEAN);
		mov.addObject("user", userBeansU);
		mov.setViewName("/mainframe");

		return mov;
	}

	/**
	 * 退出登录 
	 * 
	 * @return
	 * @see [类、类#方法、类#成员]
	 */
	@RequestMapping("/exit")
	public ModelAndView loginOut(HttpServletRequest request) {
		ModelAndView mov = new ModelAndView();

		// 重定向到登录页
		mov.setViewName("redirect:./tologin");
		mov.addObject("r", Math.random());

		// 销毁session
		HttpSession session = request.getSession();
		session.invalidate();

		return mov;
	}

}
